Amazon CloudWatch Logs and Metrics destination plugin

The Amazon CloudWatch Logs and Metrics destination plugin lets you configure Chronosphere Telemetry Pipeline to stream your log data and metrics to CloudWatch Logs and Metrics, respectively.

Supported telemetry types

This plugin supports these telemetry types:

Logs	Metrics	Traces

Configuration parameters

Use the parameters in this section to configure your plugin. The Telemetry Pipeline web interface uses the values in the Name column to describe the parameters. Items in the Key column are the YAML keys to use in pipeline configuration files.

Required

Name	Key	Description	Default
Region	`region`	Required. The AWS region to which to send your data.	`us-east-1`
CloudWatch Log Group Name	`log_group_name`	Required. CloudWatch Log Group Name.	none
CloudWatch Log Stream Name	`log_stream_name`	Required. CloudWatch Log Stream Name. Not compatible with Log Stream Prefix.	none

AWS Authentication

Name	Key	Description	Default
IAM Role ARN	`role_arn`	ARN of an IAM role to assume. For example, for cross account access.	none
CloudWatch Logs and Metrics API Endpoint	`endpoint`	Custom endpoint for the Firehose API.	none
STS API Endpoint	`sts_endpoint`	Custom endpoint for the STS API.	none
External ID for STS API	`external_id`	Specifies an external ID for the STS API. Can be used with the `role_arn` parameter if your role requires an external ID.	none

Advanced

Name	Key	Description	Default
CloudWatch Log Stream Name Prefix	`log_stream_prefix`	Prefix for CloudWatch Log Stream Name. Tag is appended to the prefix to form the stream name.	none
CloudWatch Log Group Template	`log_group_template`	Template for CloudWatch Log Group name using record accessor syntax. If needed, the plugin falls back to the `log_group_name` value.	none
CloudWatch Log Stream Template	`log_stream_template`	Template for CloudWatch Log Stream name using record accessor syntax. If needed, the plugin falls back to the `log_stream_name` or `log_stream_prefix` value.	none
Number of days to retain logs	`log_retention_days`	Any newly created log group's retention policy is set to this many days. Accepted values: `0`, `1`, `3`, `5`, `7`, `14`, `30`, `60`, `90`, `120`, `150`, `180`, `365`, `400`, `545`, `731`, `1827`, `3653`.	`0`
Log Format	`log_format`	Used to tell CloudWatch the format of the data. A value of `json/emf` enables CloudWatch to extract custom metrics embedded in a JSON payload.	none
Log Key	`log_key`	By default, the entire log record is sent to CloudWatch. If you specify a key name with this option, only the value of that key is sent to CloudWatch. For example, if you're using the Fluentd Docker log driver, you can specify `log_key log`, and only the log message is sent to CloudWatch.	none
Enable Auto Retry Requests	`enable_retry_requests`	Whether to immediately retry failed requests to AWS services one time. This option doesn't affect the normal Telemetry Pipeline retry mechanism with backoff. Instead, it enables an immediate retry with no delay for networking errors, which can help improve throughput when there are transient or random networking issues. Accepted values: `true`, `false`.	`false`
Enable Auto Create Log Group	`auto_create_group`	Whether to automatically create the log group. Log streams are always automatically created. Accepted values: `true`, `false`.	`false`
Metric namespace for CloudWatch EMF logs	`metric_namespace`	Metric namespace for CloudWatch EMF logs.	none
Metric Dimension List	`metric_dimensions`	Metric dimensions is a list of lists. If you have only one list of dimensions, put the values as a comma-separated string. If you want to put list of lists, use the list as semicolon-separated strings. If your value is `d1,d2;d3`, the plugin considers it as [d1, d2], [d3].	none

Security and TLS

Name	Key	Description	Default
TLS	`tls`	Enables or disables TLS/SSL support. Accepted values: `true`, `false`.	`false`
TLS Certificate Validation	`tls.verify`	Enables or disables TLS/SSL certificate validation. TLS must be enabled for certificates to be validated. Accepted values: `off`, `on`.	`on`
TLS Debug Level	`tls.debug`	Sets TLS debug verbosity level. Accepted values: `0` (No debug), `1` (Error), `2` (State change), `3` (Informational), `4` (Verbose).	`1`
CA Certificate File Path	`tls.ca_file`	Absolute path to CA certificate file.	none
Certificate File Path	`tls.crt_file`	Absolute path to certificate file.	none
Private Key File Path	`tls.key_file`	Absolute path to private key file.	none
Private Key Path Password	`tls.key_passwd`	Password for private key file.	none
TLS SNI Hostname Extension	`tls.vhost`	Hostname to be used for TLS SNI extension.	none

Advanced Networking

Name	Key	Description	Default
DNS Mode	`net.dns.mode`	Selects the primary DNS connection type, which can be `TCP` or `UDP`.	none
DNS Resolver	`net.dns.resolver`	Selects the primary DNS connection type, which can be `LEGACY` or `ASYNC`.	none
Prefer IPv4	`net.dns.prefer_ipv4`	Prioritizes IPv4 DNS results when trying to establish a connection. Accepted values: `true`, `false`.	`false`
Keepalive	`net.keepalive`	Enables or disables Keepalive support. Accepted values: `true`, `false`.	`true`
Keepalive Idle Timeout	`net.keepalive_idle_timeout`	Sets the maximum time allowed for an idle Keepalive connection.	`30s`
Max Connect Timeout	`net.connect_timeout`	Sets the maximum time allowed to establish a connection, which includes the TLS handshake.	`10s`
Max Connect Timeout Log Error	`net.connect_timeout_log_error`	Specifies whether to log an error on connection timeout. When disabled, the timeout is logged as a debug message. Accepted values: `true`, `false`.	`true`
Max Keepalive Recycle	`net.keepalive_max_recycle`	Sets the maximum number of times a keepalive connection can be used before it's retired.	`2000`
Source Address	`net.source_address`	Specifies the network address to bind for data traffic.	none

Destination Amazon Kinesis Firehose